Description
Many Helm charts, such as the Bitnami charts, generate secret templates using plain text values. This could lead to the leakage of credentials and other sensitive information. Sealed Secrets provides a simple solution for generating encrypted Kubernetes secrets called "Sealed Secrets". These Sealed Secrets will generate secrets by decoding them.
It is pretty simple to use Sealed Secrets with our Bitnami charts. Example using it with PostgreSQL:
- Generate and apply your Sealed Secret with your secrets encrypted:

  ```bash
  kubectl create secret generic my-secret --from-literal postgres-password=mypassword --from-literal password=mypassword -o yaml --dry-run=client | kubeseal | kubectl apply -f -
  ```

  This is going to generate a Sealed Secret using the public certificate generated by the Sealed Secrets Controller.

- Install PostgreSQL using Bitnami charts:

  ```bash
  helm install my-release oci://registry-1.docker.io/bitnamicharts/postgresql --set global.postgresql.auth.existingSecret=my-secret
  ```
🎉 Moreover, we are happy to announce that our VMware Application Catalog now includes enterprise support for Sealed Secrets. This means that VMware Application Catalog customers are entitled to receive technical support from VMware for any issue they face regarding the usage of Sealed Secrets. We continue to provide best-effort support for the project GitHub issues (as we are doing now).
For additional details, please refer to the following resource.
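
As an added example, not part of the original issue or the Sealed Secrets project: a check to run on the manifest from the first step when it is written to a file with `kubeseal --format yaml` (for review or a Git commit) instead of being piped straight to `kubectl apply`. It rejects plaintext `Secret` documents and confirms the `postgres-password` and `password` keys used in the command above are present as encrypted data. The YAML layout is an assumption, `check_sealed` and `sample_sealed` are hypothetical names, and the ciphertext values are constructed placeholders.

```bash
#!/usr/bin/env bash
# Added example (not from the issue): gate a manifest before `git add` or
# `kubectl apply`. Assumes YAML produced by `kubeseal --format yaml`.

# check_sealed FILE KEY...
# Succeeds only if FILE holds a SealedSecret, holds no plaintext Secret
# document, and spec.encryptedData carries every KEY the chart will read.
check_sealed() {
  local file=$1 key
  shift
  # A top-level "kind: Secret" means base64-encoded, not encrypted, values.
  if grep -Eq '^kind:[[:space:]]*Secret[[:space:]]*$' "$file"; then
    echo "refusing $file: contains a plaintext Secret" >&2
    return 1
  fi
  if ! grep -Eq '^kind:[[:space:]]*SealedSecret[[:space:]]*$' "$file"; then
    echo "refusing $file: no SealedSecret found" >&2
    return 1
  fi
  for key in "$@"; do
    # Look for "KEY:" only inside the spec.encryptedData mapping.
    if ! awk -v k="$key:" '
        /^  encryptedData:/  { inside = 1; next }
        inside && !/^    /   { inside = 0 }
        inside && $1 == k    { found = 1 }
        END                  { exit !found }' "$file"; then
      echo "refusing $file: encryptedData lacks key $key" >&2
      return 1
    fi
  done
}

# Constructed sample: the ciphertext values are placeholders, not real output.
sample_sealed() {
  cat <<'EOF'
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
  name: my-secret
spec:
  encryptedData:
    password: AgPLACEHOLDER
    postgres-password: AgPLACEHOLDER
  template:
    metadata:
      name: my-secret
EOF
}
```

Call it as `check_sealed my-secret.sealed.yaml postgres-password password` before committing the file or applying it to the cluster.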